SECURE SOFTWARE DEVELOPMENT AWARENESS: A CASE STUDY OF UNDERGRADUATE DEVELOPERS

Abstract

As ubiquitous computing becomes an increasingly inherent component of everyday life due to the rapid growth of communication technologies and globalization, threats against information systems have taken a more latent yet lethal dimension. This emergent digital security challenge has correspondingly motivated a proactive change in the software engineering process in recent decades. This change has inspired more intense research scrutiny on security as a crucial component of any software system. Moreover, in today’s virtual world of hyperconnectivity, the most significant vulnerabilities in modern information systems security are software centred. Nevertheless, research shows that software developers often lack the required knowledge and skills in secure software systems development (SSD). Such knowledge ensures that all the resultant software components of each development lifecycle are correctly implemented rather than merely following the SSD lifecycle. Also, the knowledge engenders software security consciousness as a professional attitude amongst developers. Therefore, investigating students’ awareness of SSD principles can generate insight into evolving the undergraduate software development curriculum – a path to building future career developers. The study used a voluntary online survey to recruit a sample of 76 undergraduate developers and employed a descriptive approach to data analysis. Among other findings, the study revealed that participants’ perception of the threat of software vulnerability impacts their attitude towards security on online and mobile platforms. And that though over 90% of the undergraduate developers took software vulnerability threats either “serious” or “extremely serious”, this disposition did not reflect the depth of their knowledge and experience in SSD.